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RECEIVED 

DOCKET NO.ii0346ROUS^i MT RAL FAX CENTER 

IN THE UNITED STATES PATENT AND TRADEMARK OFFICE JUN 1 0 2004 

IN RE APPLICATION OF: David MacDonald DELANEY et al ^ r I" I f\ 1 A I 

SERIAL NO: 09/270,733 ART UNIT: 2666 V iT I V I AL 

FILED: March 16, 1999 EXAMINER: Kevin C HARPER 

SUBJECT: VIRTUAL PRIVATE NETWORKS AND METHODS FOR THEIR 
OPERATION 

THE ASSISTANT COMMISSIONER FOR PATENTS 
WASHINGTON, D.C. 20231, U.S.A. 

Sir: 

In response to the Office Action mailed March 12 2004, please amend 
claims 1 , 7, 1 1 , 1 7, 21 , 27, 32, 35, 41 , 51 , 53 and 55 as follows: 
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1. {currently amended) A method off routing packets through a connectionless 
communications network having a plurality of distinct sets of virtual ports, no virtual 
port belonging to more than one of the distinct sets, a respectrve distinct broadcast 
address being assigned to each distinct set of virtual ports, the method comprising: 

assigning a respective egress address to each packet entering the network 
via an ingress virtual port, the respective egress address corresponding to a 
respective destination address of the entering packet when a correspondence 
between the destination address and an egress address is known, and the 
respective egress address being a broadcast egress address being selected based 
on the ingress virtual port to correspond oorrooponding to the set comprising the 
ingress virtual port when no correspondence between the destination address and 
an egress address is known; 

adding to each packet entering the network via an ingress virtual port the 
respectrve egress address assigned to that packet to provide a corresponding 
modified packet; 

without establishing a connection through the network for routing the packet. 
routing the modified packet across the network according to the respective added 
egress address from the ingress virtual port to at least one egress virtual port 
associated with the assigned egress address, said routing being restricted to virtual 
ports belonging to the distinct set of virtual ports which includes the ingress virtual 
port; and 

removing from each modified packet received at an egress virtual port of the 
network the egress address assigned to that packet to provide a restored packet. 



2. (original) A method as defined in claim 1, wherein, when the destination 
address of the packet is a unicast address and a correspondence between the 
destination address and a unicast egress address is known: 

the step of assigning an egress address comprises assigning the unicast 
egress address, said unicast egress address corresponding to an egress virtual port 
belonging to the distinct set of virtual ports which includes the ingress virtual port, the 
destination address being accessible from said egress virtual port; and 

the step of routing the packet comprises routing the packet to said egress 
virtual port. 



2 



PAGE 3132 * RCVD AT 6/1012004 9:20:07 AM [Eastern Daylight Time) * SVR:USPTO-EFXRM/G * DNIS:S729314 * CSID:613 768 3635 * DURATION (mm-ss): 1 0-26 



NETWORKS 613 768 3635 TO 617^^72 




JUN 10 2004 09:27 FR NORTEu NETWORKS 613 768 3635 TO 61703S729314 P. 04/32 



DOCKET NO.:10346ROUS01U 

3. (original) A method as defined in claim 1 , wherein, when the destination 
address of the packet is a unicast address and no correspondence between the 
destination address and an egress address is known: 

the step of assigning an egress address comprises assigning a broadcast 
egress address corresponding to the distinct set of virtual ports which includes the 
ingress virtual port; and 

the step of routing the packet comprises routing the packet to each virtual 
port, other than the Ingress virtual port, of the distinct set of virtual ports which 
includes the ingress virtual port. 

4. (original) A method as defined in claim 1 , wherein, when the destination 
address of the packet is a multicast address: 

the step of assigning an egress address comprises assigning a broadcast 
egress address corresponding to the distinct set of virtual ports which includes the 
ingress virtual port; and 

the step of routing the packet comprises routing the packet to each virtual 
port of the distinct set of virtual ports which includes the ingress virtual port other 
than the ingress virtual port. 

5. (original) A method as defined in claim 1 , wherein, when the destination 
address of the packet is a multicast address and a correspondence between the 
destination address and a multicast egress address is known: 

the step of assigning an egress address comprises assigning the multicast 
egress address, said multicast egress address corresponding to a plurality of virtual 
ports belonging to the distinct set of virtual ports which includes the ingress virtual 
port; and 

the step of routing the packet comprises routing the packet to each virtual 
port of said plurality of virtual ports belonging to the distinct set of virtual ports which 
includes the ingress virtual port. 

6. (original) A method as defined in claim 1, further comprising: 
assigning a respective ingress address to each packet entering the network. 

the respective ingress address corresponding to a virtual port via which the packet 
enters the network; 

using the assigned ingress addresses to populate address association tables; 

and 
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using the address association tables to determine correspondences between 
destination addresses and egress addresses. 

7, (currently amended) A method of routing packets through a connectionless 
communications network having a plurality of distinct sets of virtual ports, no virtual 
port belonging to more than one of the distinct sets, a respective distinct broadcast 
address being assigned to each distinct set of virtual ports, the method comprising: 

assigning a respective egress address to each packet entering the network 
via an ingress virtual port, the respective egress address corresponding to a 
respective destination address of the entering packet when a correspondence 
between the destination address and an egress address is known, and the 
respective egress address being a broadcast egress address selected based on the 
ingress virtual port to correspond corresponding to the set comprising the ingress 
virtual port when no correspondence between the destination address and an egress 
address is known; 

adding to each packet entering the network via an ingress virtual port the 
respective egress address assigned to that packet to provide a corresponding 
encapsulated packet; 

without establishing a connection through the network for routing the packet. 
routing the encapsulated packet across the network according to the assigned 
respective added egress address encapsulated in the packet from the ingress virtual 
port to at least one egress virtual port associated with the assigned egress address, 
said routing being restricted to virtual ports belonging to the distinct set of virtual 
ports which includes the ingress virtual port; and 

removing from each encapsulated packet received at an egress virtual port of 
the network the egress address assigned to that packet to provide a decapsulated 
packet. 

8. (previously presented) A method of routing packets through a network 
having a plurality of distinct sets of virtual ports, no virtual port belonging to more 
than one of the distinct sets, a respective distinct broadcast address being assigned 
to each distinct set of virtual ports, the method comprising: 

assigning a respective egress address to each packet entering the network 
via an ingress virtual port, the respective egress address corresponding to a 
respective destination address of the packet when a correspondence between the 
destination address and an egress address is known, and the respective egress 
address being a broadcast egress address corresponding to the set comprising the 
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ingress virtual port when no correspondence between the destination address and 
an egress address is known; 

adding to each packet entering the network via an ingress virtual port the 
respective egress address assigned to that packet to provide a corresponding 
encapsulated packet; 

assigning a respective ingress address to each packet entering the network, 
the respective ingress address corresponding to the ingress virtual port via which the 
packet enters the network; 

adding the assigned ingress address to each packet entering the network in 
providing the corresponding encapsulated packet; and 

maintaining an address association table associated with each virtual port of 
the network, each address association table mapping each of a plurality of egress 
addresses to at least one corresponding destination address; and 

using the address association tables to determine correspondences between 
destination addresses and egress addresses 

routing the encapsulated packet in the network according to the respective 
added egress address encapsulated in the packet, said routing being restricted to 
virtual ports belonging to the distinct set of virtual ports which includes the ingress 
virtual port; and 

removing from each encapsulated packet received at an egress virtual port 
the egress address assigned to that packet to provide a decapsulated packet, 
wherein: 

on receipt of a packet entering the network via an ingress virtual port, said 
packet including a source address, an entry is added to the address association 
table associated with said ingress virtual port when said address association table 
does not contain the source address in any destination address field of said address 
association table, said entry comprising the source address in a destination address 
field and the ingress address in a corresponding egress address field; and 

on receipt of an encapsulated packet at a virtual port of the network, said 
encapsulated packet including a source address and an ingress address, an entry is 
added to the address association table associated with said virtual port when said 
address association table does not contain the source address in any destination 
address field of said address association table, said entry comprising the source 
address in a destination address field and the Ingress address in a corresponding 
egress address field. 

9. (original) A method as defined in claim 1, wherein: 
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the step of routing the packet according to the respective egress address 
comprises routing the packet via trunks of the network; and 

when the packet is assigned a broadcast egress address corresponding to a 
distinct set of virtual ports, the step of routing the packet comprises routing the 
packet via a restricted set of trunks containing onry those trunks required to reach 
virtual ports in the distinct set of virtual ports corresponding to said broadcast egress 
address. 




10. (original) A method as defined in claim 5, wherein: 

the step of routing the packet according to the respective egress address 
comprises routing the packet via trunks of the network; and 

when the packet is assigned a multicast egress address corresponding to a 
plurality of virtual ports in a distinct set of virtual ports, the step of routing the packet 
comprises routing the packet via a restricted set of trunks containing only those 
trunks required to reach virtual ports in the plurality of virtual ports corresponding to 
said multicast egress address, 

1 1 . (currently amended) A connectionless communications network, 
comprising plural interconnected routing devices, each routing device comprising: 

a plurality of distinct sets of virtual ports, no virtual port belonging to more 
than one of the distinct sets, and each distinct set being assigned a respective 
distinct broadcast address; 

at least one address assigner operable to assign a respective egress address 
to each packet entering the network via an ingress virtual port, the respective egress 
address corresponding to a respective destination address of the entering packet 
when a correspondence between the destination address and an egress address is 
known, and the respective egress address being a broadcast egress address 
selected based on the inoress virtual port to correspond oorroooondina to the set 
comprising the ingress virtual port when no correspondence between the destination 
address and an egress address is known; and 

at least one router operable without establishing a connection through the 
network to route the packet according to the respective egress address, said routing 
being restricted to virtual ports belonging to the distinct set of virtual ports which 
includes the ingress virtual port, 

such that packets can be routed by plural successive routing devices 
according to egress addresses assigned where the packets enter the network. 
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12. (original) A network as defined in claim 11, wherein, when the destination 
address of the packet is a unicast address and a correspondence between the 
destination address and a unicast egress address Is known: 

each address assigner is operable to assign the unicast egress address, said 
unicast egress address corresponding to an egress virtual port belonging to the 
distinct set of virtual ports which includes the ingress virtual port, the destination 
address being accessible from said egress virtual port; and 

each router is operable to route the packet to said egress virtual port. 




13. (original) A network as defined in claim 1 1, wherein, when the destination 
address of the packet is a unicast address and no correspondence between the 
destination address and an egress address is known: 

each address assigner is operable to assign a broadcast egress address 
corresponding to the distinct set of virtual ports which includes the ingress virtual 
port; and 

each router is operable to route the packet to each virtual port, other than the 
ingress virtual port, of the distinct set of virtual ports which includes the ingress 
virtual port. 

14. (original) A network as defined in claim 1 1 , wherein, when the destination 
address of the packet is a multicast address: 

each address assigner is operable to assign a broadcast egress address 
corresponding to the distinct set of virtual ports which includes the ingress virtual 
port; and 

each router is operable to route the packet to each virtual port of the distinct 
set of virtual ports which includes the ingress virtual port other than the ingress 
virtual port. 

15. (original) A network as defined in claim 11, wherein, when the destination 
address of the packet is a multicast address and a correspondence between the 
destination address and a multicast egress address is known: 

each address assigner is operable to assign the multicast egress address, 
said multicast egress address corresponding to a plurality of virtual ports belonging 
to the distinct set of virtual ports which includes the ingress virtual port: and 

each router is operable to route the packet to each virtual port of said plurality 
of virtual ports belonging to the distinct set of virtual ports which includes the ingress 
virtual port. 
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16. (original) A network as defined in claim 1 1 , wherein each address 
assigner comprises an address association table and is operable: 

to assign a respective ingress address to each packet entering the network, 
the respective ingress address corresponding to a virtual port via which the packet 
enters the network; 

to use assigned ingress addresses to populate the address association table; 

and 

to use the address association table to determine correspondences between 
destination addresses and egress addresses. 

17. (currently amended) A connectionless communications network, 
mprising: 

a plurality of distinct sets of virtual ports, no virtual port belonging to more 
than one of the distinct sets, and each distinct set being assigned a respective 
distinct broadcast address; 

at least one address assigner operable to assign a respective egress address 
to each packet entering the network via an ingress virtual port, the respective egress 
address corresponding to a respective destination address of the entering packet 
and designating an egress virtual port of the network when a correspondence 
between the destination address and an egress address is known, and the 
respective egress address being a broadcast address selected based on the ingress 
virtual port to correspond oorrooponding to the set comprising the ingress virtual port 
when no correspondence between the destination address and an egress address is 
known and comprising an encapsulator for adding to each packet entering the 
network via an ingress virtual port the respective egress address assigned to that 
packet to provide a corresponding encapsulated packet; and 

at least one router operable without establishing a connection across the 
network to route the packet according to the assigned respective egress address 
encapsulated in the packet, said routing being restricted to virtual ports belonging to 
the distinct set of virtual ports which includes the ingress virtual port; and 

a decapsulator for removing from each encapsulated packet received at an 
egress virtual port of the network the egress address assigned to that packet on 
entering the network to provide a decapsulated packet. 

18. (previously presented) A communications network, comprising: 




8 



PAGE 9/32 ' RCVD AT 6/1012004 9:20:07 AM [Eastern Daylight Time] * SVR:USPTO-EFXRF-1/0 ' DNIS:8729314 ■ CSID:613 768 3635 ' DURATION (mm-$s):10-26 



JUN 10 2004 09:28 FR NORT^T NETWORKS 613 768 3635 TO 617EH8729314 P. 10/32 

DOCKET NO.:10346ROUS01 V 

a plurality of distinct sets of virtual ports, no virtual port belonging to more 
than one of the distinct sets, and each distinct set being assigned a respective 
distinct broadcast address; 

at least one address assigner operable: 

to assign a respective egress address to each packet entering the 
network via an ingress virtual port, the respective egress address 
corresponding to a destination address of the entering packet when a 
correspondence between the destination address and an egress address is 
known, and the respective egress address being a broadcast address 
corresponding to the set comprising the ingress virtual port when no 
correspondence between the destination address and an egress address is 
known and comprising an encapsulator for adding to each packet entering 
the network via an ingress virtual port the respective egress address 
assigned to that packet to provide a corresponding encapsulated packet; 

to assign a respective ingress address to each packet entering the 
network, the respective ingress address corresponding to the ingress virtual 
port via which the packet enters the network; 

to add the assigned ingress address to each packet entering the network in 
providing the corresponding encapsulated packet; 

to maintain an address association table, the address association table 
mapping each egress address of a plurality of egress addresses to at least one 
corresponding destination address; and 

to use the address association table to determine correspondences between 
destination addresses and egress addresses, wherein: 

on receipt of a packet entering the network via an ingress virtual port 
corresponding to an ingress address, said packet including a source address, the 
address assigner is operable to add an entry to the address association table 
associated with said Ingress virtual port when address association table does not 
contain the source address in any destination address field of the address 
association table, said entry comprising the source address In a destination address 
field and the ingress address in a corresponding egress address field; and 

on receipt of an encapsulated packet at a virtual port of the network, said 
encapsulated packet including a source address and an Ingress address, the 
address assigner is operable to add an entry to the address association table 

9 
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associated with said virtual port when said address association table does not 
contain the source address in any destination address field of said address 
association table, said entry comprising the source address in a destination address 
field and the ingress address In a corresponding egress address field; 

at least one router operable to route the packet according to the respective 
egress address, said routing being restricted to virtual ports belonging to the distinct 
set of virtual ports which includes the ingress virtual port; and 

a decapsulator for removing from each encapsulated packet received at an 
egress virtual port of the network the egress address assigned to that packet to 
provide a decapsulated packet. 

19. (original) A network as defined in claim 1 1 , further comprising a plurality 
of trunks interconnecting routers of the network, wherein: 

each router is operable to route the packet via trunks of the network; and 
when the packet is assigned a broadcast egress address corresponding to a 
distinct set of virtual ports, each router is operable to route the packet via a restricted 
set of trunks containing only those trunks required to reach virtual ports in the 
distinct set of virtual ports corresponding to said broadcast egress address. 

20. (original) A network as defined in claim 15. further comprising a plurality 
of trunks interconnecting routers of the network, wherein: 

each router is operable to route the packet via trunks of the network; and 
when the packet is assigned a multicast egress address corresponding to a 
plurality of virtual ports in a distinct set of virtual ports, each router is operable to 
route the packet via a restricted set of trunks containing only those trunks required to 
reach virtual ports in the plurality of virtual ports corresponding to said multicast 
egress address. 

21. (currently amended) A routing device for a communications network, the 
routing device comprising: 

a plurality of distinct subsets of virtual ports, no virtual port belonging to more 
than one of the distinct subsets, and each distinct subset being a subset of a 
respective distinct set of virtual ports of the network and each distinct set being 
assigned a respective distinct broadcast address; 

at least one address assign er operable to assign a respective egress address 
to each packet entering the network via an ingress virtual port, the respective egress 
address corresponding to a respective destination address of the entering packet 
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and designating an egress virtual port of the networkwhen a correspondence 
between the destination address and an egress address is known, and the 
respective egress address being a broadcast address selected based on the ingress 
virtual port to correspond corroopond i ng to the set comprising the ingress virtual port 
when no correspondence between the destination address and an egress address is 
known; and comprising a packet modifier for adding to each packet entering the 
network via an ingress virtual port the respective egress address assigned to that 
packet to provide a corresponding modified packet; 

at least one router operable without establishing a connection across the 
network to route the packet according to the respective egress address added to the 
modified packet, said routing being restricted to virtual ports belonging to the distinct 
set of virtual ports which includes the ingress virtual port; and 

a packet restorer for removing from each modified packet received at an 
egress virtual port of the network the egress address assigned to that packet on 
entering the network to provide a restored packet. 

22. (original) A routing device as defined in claim 21 , wherein, when the 
destination address of the packet is a unicast address and a correspondence 
between the destination address and a unicast egress address is known: 

each address assigner is operable to assign the unicast egress address, said 
unicast egress address corresponding to an egress virtual port belonging to the 
distinct set of virtual ports which includes the ingress virtual port, the destination 
address being accessible from said egress virtual port; and 

each router is operable to route the packet to said egress virtual port. 

23. (original) A routing device as defined in claim 21 , wherein, when the 
destination address of the packet is a unicast address and no correspondence 
between the destination address and an egress address is known: 

each address assigner is operable to assign a broadcast egress address 
corresponding to the distinct set of virtual ports which includes the ingress virtual 
port; and 

each router Is operable to route the packet to each virtual port of the distinct 
set of virtual ports which includes the ingress virtual port other than the ingress 
virtual port. 

24. (original) A routing device as defined in claim 21 , wherein, when the 
destination address of the packet is a multicast address: 
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each address assigner is operable to assign a broadcast egress address 
corresponding to the distinct set of virtual ports which includes the ingress virtual 
port; and 

each router is operable to route the packet to each virtual port of the distinct 
set of virtual ports which includes the ingress virtual port other than the ingress 
virtual port. 

25. (original) A routing device as defined in claim 21 , wherein, when the 
destination address of the packet is a multicast address and a correspondence 
between the destination address and a multicast egress address is known: 

each address assigner is operable to assign the multicast egress address, 
said multicast egress address corresponding to a plurality of virtual ports belonging 
to the distinct set of virtual ports which includes the ingress virtual port; and 

each router is operable to route the packet to each virtual port of said plurality 
of virtual ports belonging to the distinct set of virtual ports which Includes the ingress 
virtual port. 

26. (original) A routing device as defined in claim 21 , wherein each address 
assigner comprises an address association table and is operable: 

to assign a respective ingress address to each packet entering the network, 
the respective ingress address corresponding to a virtual port via which the packet 
enters the network; 

to use assigned ingress addresses to populate the address association table; 

and 

to use the address association table to determine correspondences between 
destination addresses and egress addresses. 

27. (currently amended) A routing device for a communications network, the 
routing device comprising: 

a plurality of distinct subsets of virtual ports, no virtual port belonging to more 
than one of the distinct subsets, and each distinct subset being a subset of a 
respective distinct set of virtual ports of the network and each distinct set being 
assigned a respective distinct broadcast address; 

at least one address assigner operable to assign a respective egress address 
to each packet entering the network via an ingress virtual port, the respective egress 
address corresponding to a respective destination address of the entering packet 
and designating an egress virtual port of the networkwhen a correspondence 
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between the destination address and an egress address is known, and the 
respective egress address being a broadcast address corresponding to the set 
comprising the ingress virtual port when no correspondence between the destination 
address and an egress address Is known; and comprising an encapsulator for 
adding to each packet entering the network via an ingress virtual port the respective 
egress address assigned to that packet to provide a corresponding encapsulated 
packet; 

at least one router operable without establishing a connection across the 
network to route the packet according to the assigned respective egress address 
encapsulated in the packet, said routing being restricted to virtual ports belonging to 
the distinct set of virtual ports which includes the ingress virtual port; and 

a decapsulator for removing from each encapsulated packet received at an 
egress virtual port of the network the egress address assigned to that packet oq 
entering the networkto provide a decapsulated packet. 

28. {previously presented) A routing device for a communications network, 
the routing device comprising: 

a plurality of distinct subsets of virtual ports, no virtual port belonging to more 
than one of the distinct subsets, each subset being a subset of a respective distinct 
set of virtual ports of the network and each distinct set being assigned a respective 
distinct broadcast address; 

at least one address assigner operable: 

to assign a respective egress address to each packet entering the network 
via an ingress virtual port, the respective egress address corresponding to a 
destination address of the entering packet when a correspondence between the 
destination address and an egress address is known, and the respective egress 
address being a broadcast address corresponding to the set comprising the ingress 
virtual port when no correspondence between the destination address and an egress 
address is known; 

to assign a respective ingress address to each packet entering the network, 
the respective ingress address corresponding to the ingress virtual port via which the 
packet enters the network; 

to add the assigned ingress address to each packet entering the network in 
providing the corresponding encapsulated packet; 

to maintain an address association table, the address association table 
mapping each of a plurality of egress addresses to at least one corresponding 
destination address; and 
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to use the address association table to determine correspondences between 
destination addresses and egress addresses, wherein: 

on receipt of a packet entering the network via a virtual port associated wfth 
an ingress address, said packet including a source address, the address assigner is 
operable to add an entry to the address association table associated with said 
ingress virtual port when the address association table does not contain the source 
address in any destination address field of the address association table, said entry 
comprising the source address in a destination address field and the ingress address 
in a corresponding egress address field; and 

on receipt of an encapsulated packet via a virtual port of the network, said 
encapsulated packet including a source address and an ingress address, the 
address assigner is operable to add an entry to the address association table 
associated with said virtual port when said address association table does not 
contain the source address In any destination address field of said address 
association table, said entry comprising the source address in a destination address 
field and the ingress address in a corresponding egress address field; 

at least one router operable to route the packet according to the respective 
egress address, said routing being restricted to virtual ports belonging to the distinct 
set of virtual ports which includes the ingress virtual port; and 

a decapsulator for removing from each modified packet received at an egress 
virtual port of the network the egress address assigned to that packet to provide a 
decapsulated packet. 

29. (original) A routing device as defined in claim 21, wherein: 

each router is operable to route the packet via trunks of the network; and 
when the packet is assigned a broadcast egress address corresponding to a 
distinct set of virtual ports, each router is operable to route the packet via a restricted 
set of trunks containing only those trunks required to reach virtual ports in the 
distinct set of virtual ports corresponding to said broadcast egress address. 

30. (original) A routing device as defined in claim 25, wherein: 

each router is operable to route the packet via trunks of the network; and 
when the packet is assigned a multicast egress address corresponding to a 
plurality of virtual ports in a distinct set of virtual ports, each router is operable to 
route the packet via a restricted set of trunks containing only those trunks required to 
reach virtual ports in the plurality of virtual ports corresponding to said multicast 
egress address. 
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' 31 . (original) A routing device as defined in claim 28, wherein each router 
provides IEEE 802.1 switching functionality adapted to packets encapsulated with 
ingress and egress addresses. 

32. (currently amended) A routing device for a connectionless 
communications network comprising: 

a plurality of distinct subsets of virtual ports, no virtual port belonging to more 
than on© of the distinct subsets, each distinct subset being a subset of a respective 
distinct set of virtual ports of the network and each distinct set being assigned a 
respective distinct broadcast address; 

a respective address assigner for each distinct subset ol virtual ports, each 
address assigner being connected to its respective distinct subset of virtual ports 
and being operable: 

to assign a respective egress address to each packet entering the network 
via an ingress virtual port of the routing device, the respective egress address 
corresponding to a respective destination address of the entering packet when a 
correspondence between the destination address and an egress address is known, 
and the respective egress address being a broadcast egress address selected 
based on the ingress virtual port to correspond corrocponding to the set comprising 
the ingress virtual port when no correspondence between the destination address 
and an egress address is known; and 

to assign a respective ingress address to each packet entering the network, 
the respective ingress address corresponding to the ingress virtual port via which the 
packet enters the network; 

each address assigner comprising: 

an encapsulator for adding to each packet entering the network via an 
ingress virtual port the respective egress address and the respective ingress 
address assigned to that packet to provide a corresponding encapsulated packet; 
and 

a decapsulator for removing from each encapsulated packet received at an 
egress virtual port of the network the egress address assigned to that packet to 
provide a decapsulated packet; and 

at least one router connected to the address assigners and operable without 
establishing a connection across the network to route the packet according to the 
egress address, said routing being restricted to virtual ports belonging to the distinct 
set of virtual ports which includes the ingress virtual port. 
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33. (original) A routing device as defined in claim 32, further comprising a 
switching element connected between at least one address assigner and its 
respective distinct subset of virtual ports, said switching element being operable to 
multiplex the virtual ports of the respective distinct subset of virtual ports onto the 
address assigner. 

34. (original) A routing device as defined in claim 33, wherein: 

each switching element provides IEEE 802.1 switching functionality; and 
each router provides IEEE 802.1 switching functionality adapted to packets 
encapsulated with ingress and egress addresses. 

35. (currently amended) A routing device ao dofin e d in claim 32, furth e f 
comprising: 

a plurality of distinct subsets of virtual ports, no virtual oort belonging to more 
than one of the distinct subsets, each distinct subset be ing a subset of a respective 
distinct set of virtual ports of the network and each distinct set beino assigned a 
respective distinct broadcast address; 

a respective address assigner for each distinct subset of virtual ports, each 
address assloner being connected to its respe ctive distinct subset of virtual ports 
and beino operable; 

to assign a respective egress address to each packet entering the netwo rk 
via an ingress virtual port of the routing device, the respective egress address 
corresponding to a respective destination address o f the entering packet when a 
correspondence between the dest ination addreRR and an egress address is known. 
and the respective egress address being a bro adcast egress address corresponding 
to the set comprising the Ingress victual port w hen no correspondence between the 
destination address and an egre ss address is known; and 

to assign a respective ingress addre ss to each packet entering the network, 
the respective ingress address corresponding to the ingress virtual port via which th? 
packet enters the network; 

each address assigner comprising; 

an encaosulatorfor addlno to each packet enterin g the network via an 
ingress virtual port the respective egress address and the respective ingress 
address assigned to that packet to provide a c o rresponding encapsulated packet; 
and 
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a decapsufator for removing from each encapsulated packet received at an 
egress virtual port of the network the egress address assigned to that packet to 
provide a decapsulated packet: and 

at least one router connected to the address assignors and operable to route 
the packet according to the egress address, said routino being restricted to virtual 
ports belo nging to the distinct set of virtual ports which includes the Ingress virtual 
port, and 

a plurality of VLAN demultiplexers connected to the router, each VLAN 
demultiplexer being connected between the router and a respective plurality of the 
address assignors, each VLAN demultiplexer being associated with a respective 
egress address and being operable to route an encapsulated packet from the router 
to an address assignor associated with the ingress address of the encapsulated 
packet such that all encapsulated packets having a common egress address and an 
ingress address corresponding to a virtual port in a particular set of the distinct sets 
of virtual ports are routed to an address assigner associated with that egress 
address and that particular distinct set of virtual ports. 

36. (original) A routing device as defined in claim 35, further comprising; 
a respective VLAN translator connected to each address assigner that is 

connected to the VLAN demultiplexer, each VLAN translator being operable to apply 
a respective VLAN identifier to packets received from its respective address 
assigner; and 

a router demultiplexer connected to a plurality of the VLAN translators for 
routing packets received from an external router to a VLAN translator selected 
according to VLAN identifiers of the packets received from the external router. 

37. (original) A routing device as defined in claim 35. further comprising a 
respective virtual private router connected to each address assigner that is 
connected to a VLAN demultiplexer. 

38. (original) A routing device as defined in claim 37, further comprising a 
respective network address translator connected to each virtual private router for 
translating addresses between a respective first address space used by its virtual 
private router and a second address space used by an Internet router. 

39. (original) A routing device as defined in claim 38. further comprising an 
Internet router connected to the network address translators. 
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40. (original) A routing device as defined in claim 35, further comprising: 

an MPLS switch, the MPLS switch being operable to route packets between 
an Internet router and address assigners selected according to MPLS labels of the 
packets; and 

a respective MPLS converter connected between each address assigner that 
is connected to a VLAN demultiplexer and the MPLS switch, each MPLS converter: 

being operable to apply a respective MPLS label to each packet received 
from its respective address assigner, safd MPLS label being uniquely associated 
with the MPLS converter; and 

being operable to remove MPLS labels from packets received from the MPLS 

switch. 

41 . (currently amended) A method of routing packets through a 
connectionless communications network having a plurality of distinct sets of virtual 
ports, no virtual port belonging to more than one of the distinct sets, a respective 
distinct broadcast address being assigned to each distinct set of virtual ports, the 
method comprising: 

assigning a respective egress address to each packet entering the network 
via an ingress virtual port, the respective egress address corresponding to a 
respective destination address of the entering packet when a correspondence 
between the destination address and an egress address is known, and the 
respective egress address being a broadcast address sel_eqte_d_based on the ingress 
virtual port to correspond correspond i ng t o the set comprising the Ingress virtual port 
when no correspondence between the destination address and an egress address is 
known; 

routing the packet according to the respective egress address without 
establishing a connection across the network , said routing being restricted to virtual 
ports belonging to the distinct set of virtual ports which includes the ingress virtual 
port; and 

routing an encapsulated packet received from the network to an address 
assigner selected according to the ingress address and the egress address of the 
encapsulated packet such that all encapsulated packets having a common egress 
address and an ingress address corresponding to a virtual port in a particular set of 
the distinct sets of virtual ports are routed to an address assigner associated with 
that egress address and that particular distinct set of virtual ports. 
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42. (original) A method as defined in claim 41, further comprising: 
applying a respective VLAN identifier to packets leaving the network from a 

respective address assigner; and 

routing packets received from an external router to an address assigner 
selected according to VLAN identifiers of the packets received from the externa/ 
router. 

43. (original) A method as defined in claim 41, further comprising: 
applying a respective MPLS label to packets leaving the network from an 

address assigner, said MPLS label being uniquely associated with said address 
assigner; 

routing packets between an Internet router and address assigners according 
to MPLS labels of the packets; and 

removing MPLS labels from packets received from the Internet router. 

44. (original) A method as defined in claim 41 f further comprising: 
applying a respective identifier to packets leaving the network from an 

address assigner, said identifier being uniquely associated with said address 
assigner; and 

routing packets into and out of the network according to their respective 
identifiers. 

45. (original) A method as defined in claim 1 , wherein at least one physical 
port of the network maps one-to-one onto a corresponding virtual port of network, 
said physical port and said corresponding virtual port being associated with a 
respective distinct physical address. 

46. (original) A method as defined in claim 1 . wherein at least one physical 
port of the network maps onto a corresponding plurality of virtual ports of the 
network, said physical port being associated with a respective distinct physical 
address, and each virtual port of said corresponding plurality of virtual ports being 
associated with a respective distinct combination of said physical address and a 
respective virtual network identifier. 

47. (original) A network as defined in claim 1 1 . wherein at least one physical 
port of the network maps one-to-one onto a corresponding virtual port of network. 
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said physical port and said corresponding virtual port being associated with a 
respective distinct physical address. 

48. (original) A network as defined in claim 1 1 , wherein at least one physical 
port of the network maps onto a corresponding plurality of virtual ports of the 
network, said physical port being associated with a respective distinct physical 
address, and each virtual port of said corresponding plurality of virtual ports being 
associated with a respective distinct combination of said physical address and a 
respective virtual network identifier. 

49. (original) A routing device as defined in claim 21 , wherein at least one 
physical port of the routing device maps one-to-one onto a corresponding virtual port 
of routing device, said physical port and said corresponding virtual port being 
associated with a respective distinct physical address. 

50. (original) A routing device as defined in claim 21, wherein at least one 
physical port of the routing device maps onto a corresponding plurality of virtual 
ports of the routing device, said physical port being associated with a respective 
distinct physical address, and each virtual port of said corresponding plurality of 
virtual ports being associated with a respective distinct combination of said physical 
address and a respective virtual network identifier, 

51 . (currently amended) A method of routing packets from a first customer 
VLAN segment through a connectionless service provider network having a plurality 
of distinct sets of virtual ports to a second customer VLAN segment, no virtual port 
belonging to more than one of the distinct sets, a respective distinct broadcast 
address being assigned to each distinct set of virtual ports, the method comprising: 

assigning a respective egress address of the service provider network to 
each customer LAN packet entering the service provider network from the first 
customer VLAN segment via an ingress virtual port, the respective egress address 
corresponding to a respective destination address of the customer LAN packet and 
designating an egress virtual port of the service provider network when a 
correspondence between the destination address and an egress address is known, 
and the respective egress address being a broadcast egress address of the service 
provider network selected based on the ingress virtual port tQ porrQ?ponc| 
eo ff oppond i ng to the set of virtual ports of the service provider network comprising 
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the ingress virtual port when no correspondence between the destination address 
and an egress address Is known; 

adding to each customer LAN packet entering the service provider network 
via an ingress virtual port the respective egress address assigned to that packet to 
provide a corresponding service provider network packet; 

without establishing a connection across the service provider network, routing 
the service provider network packet across the service provider network according to 
the respective added egress address from the ingress virtual port to at least one 
egress virtual port associated with the assigned egress address, said routing being 
restricted to virtual ports belonging to the distinct set of virtual ports which includes 
the ingress virtual port; and 

removing from each service provider network packet received at an egress 
virtual port of the service provider network the egress address assigned to that 
packet to provide a restored customer LAN packet for communication to the second 
customer VLAN segment. 




52. (previously presented) A method as defined in claim 51, further 
comprising: 

assigning a respective service provider network ingress address to each 
customer LAN packet entering the service provider network, the respective ingress 
address designating a virtual port of the service provider network via which the 
customer LAN packet enters the service provider network; 

adding the assigned ingress address to customer LAN packet in providing 
the corresponding service provider network packet; 

using the assigned ingress address to populate address association tables at 
nodes of the service provider network traversed by the service provider network 
packet; and 

using the address association tables to determine correspondences between 
destination addresses of the customer LAN segments and egress addresses of the 
service provider network. 

53. {currently amended) A connectionless service provider communications 
network for interconnecting customer LAN segments, the service provider network 
comprising plural interconnected routing devices, each routing device comprising: 

a plurality of distinct sets of virtual ports, no virtual port belonging to more 
than one of the distinct sets, and each distinct set being assigned a respective 
distinct broadcast address; 
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at least one address assigner operable to assign a respective egress address 
to each customer LAN packet entering the service provider network from a customer 
LAN segment via an ingress virtual port, the respective egress address 
corresponding to a destination address of the entering customer LAN packet and 
designating an egress virtual port of the service provider network when a 
correspondence between the destination address and an egress address of the 
service provider network is known, and the respective egress address being a 
broadcast address selected based on the ingress virtual port to correspond 
correspond i ng to the set comprising the ingress virtual port when no correspondence 
between the destination address and an egress address is known; and 

at least one router operable without establishing a connection across the 
service provider network to route the packet according to the respective egress 
address, said routing being restricted to virtual ports of the service provider network 
belonging to the distinct set of virtual ports which includes the ingress virtual port, 

such that packets can be routed by plural successive routing devices 
according to egress addresses assigned where the packets enter the service 
provider network. 

54. (previously presented) A network as defined in claim 53, wherein each 
address assigner comprises an address association table and is operable: 

to assign a respective ingress address to each customer LAN packet 
entering the service provider network, the respective Ingress address designating a 
virtual port of the service provider network via which the packet enters the service 
provider network; 

to use assigned ingress addresses to populate the address association table; 

and 

to use the address association table to determine correspondences between 
destination addresses of customer LAN packets and egress addresses of the service 
provider network. 

55- (currently amended) A routing device for a connectionless, service 
provider network for interconnecting customer LAN segments, the routing device 
comprising: 

a plurality of distinct subsets of virtual ports, no virtual port belonging to more 
than one of the distinct subsets, each subset being a subset of a respective distinct 
set of virtual ports of the service provider network and each distinct set being 
assigned a respective distinct broadcast address of the service provider network; 
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at least one address assigner operable to assign a respective egress address 
of the service provider network to each customer LAN packet entering the service 
provider network from a customer LAN segment via an ingress virtual port of the 
routing device, the respective egress address corresponding to a destination 
address of the entering customer LAN packet and designating an egress virtual port 
of the service provider network when a correspondence between the destination 
address and an egress address of the service provider network is known, and the 
respective egress address being a broadcast address of the service provider 
network selected based on the ingress virtual port to correspond corr es pond i ng to 
the set comprising the ingress virtual port when no correspondence between the 
destination address of the customer LAN packet and an egress address of the 
service provider network is known; and 

at least one router operable without establishing a connection across the 
service provider network to route the packet according to the respective egress 
address, said routing being restricted to virtual ports of the service provider network 
belonging to the distinct set of virtual ports which includes the ingress virtual port. 

56. (previously presented) A routing device as defined in claim 55, wherein 
the address assigner comprises an address association table and is operable: 

to assign a respective ingress address to each customer LAN packet 
entering the service provider network, the respective ingress address designating a 
virtual port of the service provider network via which the packet enters the service 
provider network; 

to use assigned ingress addresses to populate the address association table; 

and 

to use the address association table to determine correspondences between 
destination addresses of customer LAN packets and egress addresses of the service 
provider network. 




23 



PAGE 24/32 * RCVD AT 6/10/2004 9:20:07 AM [Eastern Daylight Time] * SVR:USPTO-EFXRF-1/0 " DNIS:8729314 * CSID:613 768 3635 * DURATION (mm-ss):1D*26 



